Traffic anomaly detection is emerging as a necessary component as wireless networks gain popularity. In this paper, based on the improved Autoregressive Integrated Moving Average (ARIMA) model, we propose a traffic anomaly detection algorithm for wireless sensor networks (WSNs) which considers the particular imbalanced, nonstationary properties of the WSN traffic and the limited energy and computing capacity of the wireless sensors at the same time. We systematically analyze the characteristics of WSN traffic, the causes of WSN abnormal traffic, and the latest related research and development. Specifically, we improve the traditional time series ARIMA model to make traffic prediction and judge the traffic anomaly in a WSN. Simulated and real WSN traffic data gathered from University of North Carolina are used to carry out simulations on Matlab. Simulation results and comparative analyses demonstrate that our proposed WSN traffic anomaly detection scheme has better anomaly detection accuracy than traditional traffic anomaly detection algorithms.
As WSNs gain popularity, they are becoming more and more necessary for traffic anomaly detection. Because worms, attacks, intrusions, and other kinds of malicious behaviors can be recognized by traffic analysis and anomaly detection, WSN traffic anomaly detection provides useful tools for timely reaction and appropriate prevention in network security. In the paper, we improve exploitation of GM(1,1) model to make traffic prediction and judge the traffic anomaly in WSNs. Based on our systematical researches on the characteristics of WSN traffic, the causes of WSN abnormal traffic, and latest related research and development, we better exploit the GM(1,1) model following four guidelines: using a sliding window to determine historical data for modeling, optimizing initial value of one-order grey differential equation, making traffic prediction by short step exponential weighted average method, and judging whether the traffic of the next moment is abnormal by Euclidean distance. Then, we propose a traffic anomaly detection algorithm for WSNs based on the improved exploitation of GM(1,1) model. Simulation results and comparative analyses demonstrate that our proposed WSN traffic anomaly detection algorithm can reduce the undetected rate and has better anomaly detection accuracy than traditional traffic anomaly detection algorithms.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.